5 - 2019 - :: Deepquest ::

>> SOCA Access Control System 180612 Cross Site Request Forgery

USER: deepcore // 2019-05-14 // 0 CMT

SOCA Access Control System version 180612 suffers from a cross site request forgery vulnerability.

USER: deepcore // 2019-05-14 // 0 CMT

During a short security test, SEC Consult found a severe security vulnerability in the clearsign package of supplementary Go cryptography libraries.

USER: deepcore // 2019-05-14 // 0 CMT

This is the systemd-journald exploit produced by Qualys that demonstrates the vulnerabilities as highlighted in CVE-2018-16865 and CVE-2018-16866.

USER: deepcore // 2019-05-14 // 0 CMT

Schneider Electric U.Motion Builder 1.3.4 – ‘track_import_export.php object_id’ Unauthenticated Command Injection

USER: deepcore // 2019-05-14 // 0 CMT

PasteShr 1.6 – Multiple SQL Injection

USER: deepcore // 2019-05-14 // 0 CMT

PHP-Fusion 9.03.00 – ‘Edit Profile’ Remote Code Execution (Metasploit)

USER: deepcore // 2019-05-14 // 0 CMT

Sales ERP 8.1 – Multiple SQL Injection

USER: deepcore // 2019-05-14 // 0 CMT

TwistedBrush Pro Studio 24.06 – ‘.srp’ Denial of Service (PoC)

USER: deepcore // 2019-05-14 // 0 CMT

TwistedBrush Pro Studio 24.06 – ‘Script Recorder’ Denial of Service (PoC)

USER: deepcore // 2019-05-14 // 0 CMT

TwistedBrush Pro Studio 24.06 – ‘Resize Image’ Denial of Service (PoC)